Summary
A web page with an extremely long <title> attribute can causeOpera to crash when certain conditions are met. It affectsWindows users with Input Method Editor (IME) installed.
Severity: Medium
Problem description
If a Windows user with Input Method Editor (IME) installedbookmarks a page with an extremely long <title> element,Opera will crash upon next startup. Opera will not recoverfrom this on its own, so the user will not be able to startOpera.
This affects Japanese users and others using IME for textinput. It also affects Opera users on Mac OSX. Since Operawill not start afterwards, it can be used for denial of serviceattacks.
Workaround: Remove autosave.win after the crash.
Opera’s response
Opera has released version 8.51, where this flaw has beencorrected.
Credits
Thanks to Tatsuya Matsumoto and jp-CERT for reporting thisissue to us.